Claims 



1 1. A method for retrieving digital objects from a group of digital objects 

2 maintained by a database, the group of digital objects being represented by the equation 

3 G = {mj, i = 1, 2, N), wherein G represents the group of digital objects, N represents 

4 the number of digital objects maintained by the database, i represents an index having 

5 allowable values between 1 and N inclusive, and n\ represents an i* digital object 

6 within the group of digital objects, the method comprising: 

7 generating a random number R and keys i having allowable values between 1 

8 and N inclusive, for a symmetric key cryptosystem; 

9 determining a prime number p; 

10 encrypting digital object m i with key kj using the symmetric key cryptosystem to 

1 1 obtain ciphertext q; 

1 2 assigning a value of k * mod p to a key ciphertext s t , 

13 responsive to the database receiving a request signal from a user, sending q, and 

14 s t to the user; 

1 5 receiving from the user a number n of input signals W, such that n is less than N, 

1 6 and j is an index having allowable values between 1 and n inclusive; 

17 computing changed ciphertext such that U t is equal to w™ 9 "** mod p; and 

1 8 sending Uj to the user. 

1 2. The method of claim I, where the modulo operations may be carried out 

2 in any group in which a discrete logarithm is infeasible to compute. 
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3, A method for a user to privately retrieve digital objects from a group of 
digital objects G = { irij, i = 1, 2, N) maintained by a database, the method comprising 
the steps of: 

sending a request signal to the database; 

receiving reply signals q, 1 = 1, 2, N from the database; 

generating random numbers w,, computing and sending W ( = s™* mod p, j = 1, 2, 
n to the database; 

receiving signals Up j = 1, 2, n from the database; 

computing = Uj 17 *^^ mo d p, j = 1, 2, n; and 

decrypting with and a symmetric key cryptosystem to recover digital objects 
try j = 1,2, n. 

4 . The method of claim 3, wherein the modulo operations may be carried out 
in any group in which a discrete logarithm is infeasible to compute. 

5. A method for selectively retrieving digital objects from a database of 
digital objects using a symmetric key cryptosystem, the method comprising: 
for each digital object in the database: 

generating a unique key for the symmetric key cryptosystem; 

associating the key with the digital object; 

encrypting the digital object vising the associated key and the 

symmetric key cryptosystem to produce a ciphertext of the 
digital object; 

encrypting the associated key to obtain a ciphertext of the key; 
transmitting the ciphertext of the digital object and the ciphertext of 
the key associated with the digital object to a user; 
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12 receiving at least one changed ciphertext of the keys associated with the digital 

1 3 objects in the database; 

14 decrypting each received changed cipher text; and 

1 5 transmitting the decrypted received changed ciphertexts. 
16 

1 6. A method for retrieving digital objects from a group of digital objects 

2 maintained by a database, the method comprising the steps of: 

3 selectively requesting a plurality of digital objects from the database; 

4 receiving encrypted ciphertext digital objects from the database; 

5 receiving from the database encrypted ciphertext keys associated with the 

6 received ciphertext digital objects; 

7 encrypting at least one of the encrypted ciphertext keys to obtain changed 
$ ciphertext keys; 

9 sending the changed ciphertext keys to the database; 

I o receiving partially decrypted changed ciphertext keys from the database; 

I I decrypting the partially decrypted changed ciphertext keys; and 

1 2 decrypting at least one of the received ciphertext digital objects using the 
15 decrypted keys- 

1 7. An apparatus comprising: 

2 a computerized database; 

3 coupled to the database / a computer user; 

4 coupled to the database, a transmitting module for transmitting data to the user; 

5 coupled to the database, a receiving module for receiving data from the user; 

6 coupled to the database, a random number generating module for generating 

7 random numbers; 
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8 coupled to the database, a key generating module for generating cryptographic 

9 keys; 

1 0 coupled to the database, an encrypting module for encrypting data; 

1 1 coupled to the database, a decrypting module for decrypting data; 

1 2 coupled to the user, a requesting module for requesting data from the database; 

1 3 coupled to the user, a transmitting module, for transmitting data to the database; 

1 4 coupled to the user, a receiving module, for receiving data from the database; 

1 5 coupled to the user, a random number generating module for generating random 

numbers; 

1 7 coupled to the user, an encrypting module for encrypting data; and 

1 8 coupled to the user, a decrypting module for decrypting data. 



1 8, A computer program product stored on a computer readable medium for 

2 retrieving digital objects from a group of digital objects maintained by a database, the 

3 computer program product controlling a processor coupled to the medium to perform 

4 ^ the operations of; 



5 for each digital object in the database; 

6 generating a unique key for a symmetric key cryptosystem; 

7 associating the key with the digital object; 

8 encrypting the digital object using the associated key and the 

9 symmetric key cryptosystem to produce a ciphertext of the 

10 digital object; 

1 1 encrypting the associated key to obtain a ciphertext of the key; 

1 2 transmitting the ciphertext of the digital object and the ciphertext of 

1 3 the key associated with the digital object to a user; 

14 receiving at least one changed ciphertext of the keys associated with the digital 

1 5 objects in the database; 
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decrypting each received changed ciphertext; and 
transmitting the decrypted received changed ciphertexts. 
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